@sgiehl opened this Pull Request on November 24th 2022 Member

Description:

Matomo currently uses a system to auto sanitize parameters. This is also done for parameters like password or passwordConfirmation. In some place those parameters are even sanitized twice, causing an unsanitize not to result in the same password as before.

As the password is a parameter that will never get printed anywhere it should be totally safe to never sanitize those parameter.
This PR aims to change that everywhere. In addition I've tried to update the tests, so they are using a password containing various special chars.

As this changes the password use for our test fixture, it might be required to update some plugin tests after merging...

fixes #20021
fixes #19857

Review

Powered by GitHub Issue Mirror